[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 19.815793] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 23.679747] random: sshd: uninitialized urandom read (32 bytes read)
[ 24.097862] random: sshd: uninitialized urandom read (32 bytes read)
[ 24.867885] random: sshd: uninitialized urandom read (32 bytes read)
[ 348.305870] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.22' (ECDSA) to the list of known hosts.
[ 353.732181] random: sshd: uninitialized urandom read (32 bytes read)
2018/05/21 20:51:37 parsed 1 programs
2018/05/21 20:51:37 executed programs: 0
[ 354.351300] IPVS: ftp: loaded support on port[0] = 21
[ 354.533631] bridge0: port 1(bridge_slave_0) entered blocking state
[ 354.540284] bridge0: port 1(bridge_slave_0) entered disabled state
[ 354.547874] device bridge_slave_0 entered promiscuous mode
[ 354.567401] bridge0: port 2(bridge_slave_1) entered blocking state
[ 354.573842] bridge0: port 2(bridge_slave_1) entered disabled state
[ 354.580896] device bridge_slave_1 entered promiscuous mode
[ 354.598919] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 354.619215] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 354.672375] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 354.692674] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 354.776667] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 354.783995] team0: Port device team_slave_0 added
[ 354.802102] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 354.810133] team0: Port device team_slave_1 added
[ 354.829169] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 354.849455] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 354.868365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 354.889161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 355.048947] bridge0: port 2(bridge_slave_1) entered blocking state
[ 355.055582] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 355.062752] bridge0: port 1(bridge_slave_0) entered blocking state
[ 355.069210] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 355.657216] 8021q: adding VLAN 0 to HW filter on device bond0
[ 355.716593] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 355.767385] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 355.773632] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 355.780957] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 355.820919] 8021q: adding VLAN 0 to HW filter on device team0
2018/05/21 20:51:42 executed programs: 208
2018/05/21 20:51:47 executed programs: 524
2018/05/21 20:51:52 executed programs: 847
2018/05/21 20:51:57 executed programs: 1165
2018/05/21 20:52:02 executed programs: 1479
2018/05/21 20:52:07 executed programs: 1800
2018/05/21 20:52:12 executed programs: 2131
2018/05/21 20:52:17 executed programs: 2449
[ 397.694062] kasan: CONFIG_KASAN_INLINE enabled
[ 397.698883] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 397.706284] general protection fault: 0000 [#1] SMP KASAN
[ 397.711814] Dumping ftrace buffer:
[ 397.715325] (ftrace buffer empty)
[ 397.719013] Modules linked in:
[ 397.722198] CPU: 0 PID: 9310 Comm: syz-executor0 Not tainted 4.17.0-rc6+ #87
[ 397.729359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 397.738698] RIP: 0010:__radix_tree_delete+0x74/0x230
[ 397.743872] RSP: 0018:ffff8801b386f168 EFLAGS: 00010206
[ 397.749215] RAX: 0000000000000003 RBX: dffffc0000000000 RCX: 1ffff1003670de4a
[ 397.756458] RDX: 0000000000000000 RSI: ffffffff87696bdd RDI: ffff8801b6874868
[ 397.763705] RBP: ffff8801b386f208 R08: ffff8801cda58700 R09: ffffed0036d0e8f1
[ 397.770959] R10: ffff8801b386f318 R11: ffff8801b687478f R12: 0000000000000000
[ 397.778203] R13: ffff8801b6874868 R14: 0000000000000018 R15: ffff8801b386f290
[ 397.785451] FS: 0000000000000000(0000) GS:ffff8801dae00000(0063) knlGS:000000000a356900
[ 397.793654] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 397.799512] CR2: 0000000008148024 CR3: 00000001b0d77000 CR4: 00000000001426f0
[ 397.806759] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 397.814004] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 397.821258] Call Trace:
[ 397.823826] ? find_held_lock+0x36/0x1c0
[ 397.827870] ? radix_tree_tag_clear+0x490/0x490
[ 397.832524] ? retint_kernel+0x10/0x10
[ 397.836390] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 397.841904] radix_tree_delete_item+0x148/0x2d0
[ 397.846551] ? radix_tree_lookup+0x30/0x30
[ 397.850762] ? retint_kernel+0x10/0x10
[ 397.854629] ? _copy_from_user+0x100/0x150
[ 397.858839] idr_remove+0x46/0x60
[ 397.862271] kvm_vm_ioctl_hv_eventfd+0x1df/0x24b
[ 397.867006] kvm_arch_vm_ioctl+0x155e/0x2690
[ 397.871402] ? kvm_vm_ioctl_irq_line+0x160/0x160
[ 397.876135] ? __lock_acquire+0x7f5/0x5140
[ 397.880353] ? graph_lock+0x170/0x170
[ 397.884135] ? __lock_acquire+0x7f5/0x5140
[ 397.888349] ? find_held_lock+0x36/0x1c0
[ 397.892392] ? print_usage_bug+0xc0/0xc0
[ 397.896431] ? kasan_check_read+0x11/0x20
[ 397.900557] ? rcu_is_watching+0x85/0x140
[ 397.904682] ? rcu_bh_force_quiescent_state+0x20/0x20
[ 397.909850] ? rcu_bh_force_quiescent_state+0x20/0x20
[ 397.915027] ? find_held_lock+0x36/0x1c0
[ 397.919084] ? __sanitizer_cov_trace_switch+0x53/0x90
[ 397.924260] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 397.929776] ? drop_futex_key_refs.isra.13+0x6d/0xe0
[ 397.934855] ? futex_wake+0x2f6/0x750
[ 397.938643] kvm_vm_ioctl+0x246/0x1d90
[ 397.942509] ? save_stack+0xa9/0xd0
[ 397.946116] ? save_stack+0x43/0xd0
[ 397.949725] ? kvm_set_memory_region+0x50/0x50
[ 397.954283] ? anon_inode_getfd+0x52/0xb0
[ 397.958407] ? do_eventfd+0x1c5/0x290
[ 397.962186] ? __sanitizer_cov_trace_switch+0x53/0x90
[ 397.967353] ? do_futex+0x249/0x27d0
[ 397.971053] ? debug_mutex_init+0x1c/0x60
[ 397.975179] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 397.980175] ? exit_robust_list+0x290/0x290
[ 397.984471] ? lockdep_init_map+0x9/0x10
[ 397.988507] ? debug_mutex_init+0x2d/0x60
[ 397.992637] ? __mutex_init+0x1ef/0x280
[ 397.996591] ? find_held_lock+0x36/0x1c0
[ 398.000632] ? lock_downgrade+0x8e0/0x8e0
[ 398.004768] ? kasan_check_read+0x11/0x20
[ 398.008916] ? rcu_is_watching+0x85/0x140
[ 398.013048] ? __lock_is_held+0xb5/0x140
[ 398.017094] ? rcu_bh_force_quiescent_state+0x20/0x20
[ 398.022264] ? __fd_install+0x2de/0x880
[ 398.026219] ? get_unused_fd_flags+0x190/0x190
[ 398.030780] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 398.036305] ? alloc_file+0x44/0x3e0
[ 398.040009] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 398.045532] ? anon_inode_getfile+0x380/0x4c0
[ 398.050011] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 398.055535] ? __fget_light+0x2ef/0x430
[ 398.059489] ? get_unused_fd_flags+0x121/0x190
[ 398.064050] kvm_vm_compat_ioctl+0x13b/0x420
[ 398.068439] ? kvm_vm_ioctl+0x1d90/0x1d90
[ 398.072562] ? __ia32_compat_sys_futex+0x3de/0x5e0
[ 398.077469] ? __x32_compat_sys_get_robust_list+0x430/0x430
[ 398.083156] ? __sanitizer_cov_trace_switch+0x53/0x90
[ 398.088324] ? kvm_vm_ioctl+0x1d90/0x1d90
[ 398.092450] __ia32_compat_sys_ioctl+0x221/0x640
[ 398.097185] do_fast_syscall_32+0x345/0xf9b
[ 398.101486] ? do_int80_syscall_32+0x880/0x880
[ 398.106049] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 398.110798] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 398.116311] ? syscall_return_slowpath+0x30f/0x5c0
[ 398.121221] ? sysret32_from_system_call+0x5/0x46
[ 398.126048] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 398.130874] entry_SYSENTER_compat+0x70/0x7f
[ 398.135258] RIP: 0023:0xf7fcbcb9
[ 398.138595] RSP: 002b:00000000ffdd962c EFLAGS: 00000286 ORIG_RAX: 0000000000000036
[ 398.146279] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000004018aebd
[ 398.153524] RDX: 0000000020000140 RSI: 0000000000000000 RDI: 0000000000000000
[ 398.160770] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 398.168027] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 398.175281] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 398.182530] Code: 48 9a 88 48 c7 45 88 70 6b 69 87 c7 00 f1 f1 f1 f1 c7 40 04 00 f2 f2 f2 c7 40 08 f3 f3 f3 f3 e8 43 c4 0f fa 4c 89 f0 48 c1 e8 03 <80> 3c 18 00 0f 85 97 01 00 00 48 8d 55 d8 4c 8d 7a c0 49 8b 1e
[ 398.201660] RIP: __radix_tree_delete+0x74/0x230 RSP: ffff8801b386f168
[ 398.208284] ---[ end trace 5fa0bc69e2fc917c ]---
[ 398.213057] Kernel panic - not syncing: Fatal exception
[ 398.218857] Dumping ftrace buffer:
[ 398.222380] (ftrace buffer empty)
[ 398.226065] Kernel Offset: disabled
[ 398.229665] Rebooting in 86400 seconds..